A basic c2 / agent.
☆118Apr 16, 2020Updated 5 years ago
Alternatives and similar repositories for c2
Users that are interested in c2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Its a coff loader ported to go☆20Oct 2, 2022Updated 3 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆62Sep 23, 2023Updated 2 years ago
- POC for a basic C2 server using the python aiohttp framework☆15Mar 22, 2020Updated 6 years ago
- Open source C2 server created for stealth red team operations☆836Sep 26, 2022Updated 3 years ago
- Repo for malware development practices I post on my blog☆36Oct 5, 2024Updated last year
- ☆101Oct 7, 2023Updated 2 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆219Mar 30, 2022Updated 3 years ago
- A C2 framework for initial access in Go☆199Jul 5, 2022Updated 3 years ago
- Rust implementation of the Process Herpaderping☆26Jul 6, 2023Updated 2 years ago
- ☆26Nov 25, 2025Updated 3 months ago
- ☆620Jul 21, 2025Updated 8 months ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,374Oct 27, 2023Updated 2 years ago
- A collection of presentations and other contributions I have made to conferences.☆36Sep 9, 2024Updated last year
- Detect EDR's exceptions by inspecting processes' loaded modules☆131Mar 15, 2024Updated 2 years ago
- ☆17Jun 28, 2023Updated 2 years ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆237Dec 14, 2024Updated last year
- Cheatsheets☆19Jul 4, 2022Updated 3 years ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆29Jul 25, 2023Updated 2 years ago
- ☆234Jun 10, 2025Updated 9 months ago
- Aims to identify sleeping beacons☆663Jan 25, 2026Updated last month
- A stager and implant that executes remote Web Assembly☆60Feb 4, 2026Updated last month
- https://0xrick.github.io/win-internals/pe8/☆54Oct 29, 2021Updated 4 years ago
- A simple, extensible C&C beaconing system.☆103Feb 13, 2018Updated 8 years ago
- This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender☆29Mar 16, 2024Updated 2 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆1,092Jul 26, 2021Updated 4 years ago
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆31Feb 19, 2026Updated last month
- Demo from the Malware Analysis and Development Webinar☆25Apr 17, 2024Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆14Jan 15, 2025Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- c# reverse shell poc☆26Dec 22, 2025Updated 3 months ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆33Sep 15, 2025Updated 6 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆30Dec 7, 2025Updated 3 months ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆85Aug 13, 2024Updated last year
- Mythic C2 agent targeting Linux and Windows hosts written in Rust☆405Nov 26, 2025Updated 3 months ago
- Various Cobalt Strike BOFs☆744Oct 16, 2022Updated 3 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago